<hat="individual"> I support this republication, thanks, Mike! On Wed, Jul 20, 2016 at 2:34 AM Mike West <mkwst@google.com> wrote: > Hello, webappsec! > > Based on the discussion in the public-webappsec thread starting at [1], > our face-to-face at [2], and our recent call at [3], I'd like to refresh > the Mixed Content CR with the following document that aligns mixed > content's checks with Secure Context's definition of > potentially trustworthy URLs: > > https://w3c.github.io/webappsec-mixed-content/CR.html > > Among other things, this means that `http://127.0.0.1/` > <http://127.0.0.1/> will not be considered mixed content when loaded in > an otherwise secure page. > > The deadline for this CfC is in one week, July 27th, with as short a CR > period as possible in the hopes of taking it to PR in the TPAC timeframe. Feedback, > both positive and negative is welcome, either directly to the list, or via > some sort of clever emoji response to *https://github.com/w3c/webappsec-mixed-content/issues/6 > <https://github.com/w3c/webappsec-mixed-content/issues/6>*. > > [1]: > https://lists.w3.org/Archives/Public/public-webappsec/2016Apr/0044.html > [2]: https://www.w3.org/2016/05/16-webappsec-minutes.html#item05 > [3]: https://www.w3.org/2016/07/13-webappsec-minutes.html#item05 > > > > -mike >
Received on Wednesday, 20 July 2016 20:07:20 UTC